summaryrefslogtreecommitdiff
path: root/methods/gpgv.cc
diff options
context:
space:
mode:
authorDavid Kalnischkies <david@kalnischkies.de>2016-11-12 23:22:33 +0100
committerDavid Kalnischkies <david@kalnischkies.de>2016-11-24 00:21:35 +0100
commit8e438ede2f179f2f66268308c24d62952ac06fa4 (patch)
treef115bdf4230d0ce5e6093dedf84d9ddc80b7fd8e /methods/gpgv.cc
parent8e7a99564dd57b0dcb7df47b43e71ccefc8e0ebe (diff)
report apt-key errors via status-fd messages
We report warnings from apt-key this way already since 29c590951f812d9e9c4f17706e34f2c3315fb1f6, so reporting errors seems like a good addition. Most of those errors aren't really from apt-key through, but from the code setting up and actually calling it which used to just print to stderr which might or might not intermix them with (other) progress lines in update calls. Having them as proper error messages in the system means that the errors are actually collected later on for the list instead of ending up with our relatively generic but in those cases bogus hint regarding "is gpgv installed?". The effective difference is minimal as the errors apply mostly to systems which have far worse problems than a not as nice looking error message, which makes this pretty hard to test – but at least now the hint that your system is broken can be read in proper order (= there aren't many valid cases in which the permissions of /tmp are messed up…). LP: #1522988
Diffstat (limited to 'methods/gpgv.cc')
-rw-r--r--methods/gpgv.cc7
1 files changed, 6 insertions, 1 deletions
diff --git a/methods/gpgv.cc b/methods/gpgv.cc
index d073c733e..a8887d703 100644
--- a/methods/gpgv.cc
+++ b/methods/gpgv.cc
@@ -40,6 +40,7 @@ using std::vector;
#define GNUPGREVKEYSIG "[GNUPG:] REVKEYSIG"
#define GNUPGNODATA "[GNUPG:] NODATA"
#define APTKEYWARNING "[APTKEY:] WARNING"
+#define APTKEYERROR "[APTKEY:] ERROR"
struct Digest {
enum class State {
@@ -241,6 +242,8 @@ string GPGVMethod::VerifyGetSigners(const char *file, const char *outfile,
}
else if (strncmp(buffer, APTKEYWARNING, sizeof(APTKEYWARNING)-1) == 0)
Warning("%s", buffer + sizeof(APTKEYWARNING));
+ else if (strncmp(buffer, APTKEYERROR, sizeof(APTKEYERROR)-1) == 0)
+ _error->Error("%s", buffer + sizeof(APTKEYERROR));
}
fclose(pipein);
free(buffer);
@@ -372,9 +375,11 @@ bool GPGVMethod::URIAcquire(std::string const &Message, FetchItem *Itm)
URIStart(Res);
// Run apt-key on file, extract contents and get the key ID of the signer
- string msg = VerifyGetSigners(Path.c_str(), Itm->DestFile.c_str(), key,
+ string const msg = VerifyGetSigners(Path.c_str(), Itm->DestFile.c_str(), key,
GoodSigners, BadSigners, WorthlessSigners,
SoonWorthlessSigners, NoPubKeySigners);
+ if (_error->PendingError())
+ return false;
// Check if all good signers are soon worthless and warn in that case
if (std::all_of(GoodSigners.begin(), GoodSigners.end(), [&](std::string const &good) {